CVE-2019-11724

Related Files

Gentoo Linux Security Advisory 201908-12

Posted Aug 15, 2019

Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201908-12 - Multiple vulnerabilities have been found in Mozilla Firefox, the worst of which could result in the arbitrary execution of code. Versions less than 60.8.0 are affected.

tags | advisory, arbitrary, vulnerability

systems | linux, gentoo

advisories | CVE-2019-11707, CVE-2019-11708, CVE-2019-11709, CVE-2019-11710, CVE-2019-11711, CVE-2019-11712, CVE-2019-11713, CVE-2019-11714, CVE-2019-11715, CVE-2019-11716, CVE-2019-11717, CVE-2019-11718, CVE-2019-11719, CVE-2019-11720, CVE-2019-11721, CVE-2019-11723, CVE-2019-11724, CVE-2019-11725, CVE-2019-11727, CVE-2019-11728, CVE-2019-11729, CVE-2019-11730, CVE-2019-9811

SHA-256 | 9c1b71d78a94d040a45e2a38d652fada76b7a84a057a50826157ff452c810ac7

Download | Favorite | View

Ubuntu Security Notice USN-4054-2

Posted Jul 26, 2019

Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4054-2 - USN-4054-1 fixed vulnerabilities in Firefox. The update introduced various minor regressions. This update fixes the problems. A sandbox escape was discovered in Firefox. If a user were tricked in to installing a malicious language pack, an attacker could exploit this to gain additional privileges. Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, bypass same origin restrictions, conduct cross-site scripting attacks, conduct cross-site request forgery attacks, spoof origin attributes, spoof the addressbar contents, bypass safebrowsing protections, or execute arbitrary code. It was discovered that Firefox treats all files in a directory as same origin. If a user were tricked in to downloading a specially crafted HTML file, an attacker could potentially exploit this to obtain sensitive information from local files. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, local, spoof, vulnerability, xss, csrf

systems | linux, ubuntu

advisories | CVE-2019-11711, CVE-2019-11715, CVE-2019-11719, CVE-2019-11724, CVE-2019-11729, CVE-2019-11730, CVE-2019-9811

SHA-256 | 9573711ae77b9f804c17bb7d87e64c1ac94e7240fc30836a442eedef386d1b66

Download | Favorite | View

Ubuntu Security Notice USN-4054-1

Posted Jul 12, 2019

Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4054-1 - A sandbox escape was discovered in Firefox. If a user were tricked in to installing a malicious language pack, an attacker could exploit this to gain additional privileges. Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, bypass same origin restrictions, conduct cross-site scripting attacks, conduct cross-site request forgery attacks, spoof origin attributes, spoof the addressbar contents, bypass safebrowsing protections, or execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, spoof, xss, csrf

systems | linux, ubuntu

advisories | CVE-2019-11709, CVE-2019-11711, CVE-2019-11712, CVE-2019-11713, CVE-2019-11715, CVE-2019-11716, CVE-2019-11717, CVE-2019-11719, CVE-2019-11720, CVE-2019-11721, CVE-2019-11724, CVE-2019-11725, CVE-2019-11727, CVE-2019-11729, CVE-2019-11730, CVE-2019-9811

SHA-256 | efed5f9ddc3684e7f863dc8438c5a72e1a0114838f1748ce7426e214fd501234

Download | Favorite | View